﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

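/// <summary>
/// Code-behind for the administrator sign-in page. Checks the submitted credentials against
/// the QuanTri table and, on a match, records the admin name and authority in session state.
/// </summary>
public partial class Admin_Default : System.Web.UI.Page
{
    /// <summary>No work is done on page load.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Handles the sign-in button. On success it sets Session["AdminName"] and
    /// Session["Authority"], updates LastLog and redirects to AdminCP.aspx. On failure it
    /// clears both session keys and shows one generic error message.
    /// </summary>
    /// <param name="sender">The control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        String username = txtName.Text;
        String password = txtPass.Text;

        // Blank credentials are rejected up front, so an account row with an empty ID or Pass
        // can never be matched and no query is issued for an obviously invalid attempt.
        DataTable dt = null;
        if (!String.IsNullOrEmpty(username) && !String.IsNullOrEmpty(password))
        {
            // Both values are handed to DataBase as named parameters, not concatenated into the
            // SQL text.
            // NOTE(review): the raw text-box value is compared directly with the Pass column.
            // Unless DataBase or the schema hashes it (not visible here), passwords are stored
            // in recoverable form. Prefer storing a salted slow hash (e.g. PBKDF2 via
            // Rfc2898DeriveBytes) and verifying it in code.
            // NOTE(review): no attempt limiting or lockout is visible in this handler; confirm
            // it is enforced elsewhere.
            String sql = @"SELECT * FROM QuanTri WHERE ID=@username AND Pass=@password";
            dt = DataBase.GetDataTable(sql, "@username", username, "@password", password);
        }

        // The null check keeps a failed lookup on the generic failure path instead of raising
        // a NullReferenceException. Whether GetDataTable can return null is not visible here.
        if (dt != null && dt.Rows.Count > 0)
        {
            Label1.Text = "";

            // NOTE(review): the session ID is not renewed at sign-in, so an ID known before
            // authentication stays valid afterwards. Consider issuing a fresh session ID here.
            Session["AdminName"] = username;

            // NOTE(review): the authority is read by position (third column of SELECT *). A
            // change in column order would silently change the privilege value stored here;
            // selecting the column by name would be safer.
            Session["Authority"] = dt.Rows[0][2].ToString();

            String sqlupdate = "UPDATE QuanTri SET LastLog = @LastLog WHERE ID=@ID";
            DataBase.ExecuteNonQuery(sqlupdate, "@LastLog", DateTime.Now, "@ID", username);
            Response.Redirect("AdminCP.aspx");
        }
        else
        {
            // Drop any previously stored admin identity, and use one message for every failure
            // so the response does not reveal whether the username exists.
            Session["AdminName"] = null;
            Session["Authority"] = null;
            Label1.Text = "Username or Password is Invalid, try Again !!";
        }
    }
}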
